Originally developed internally by the Platform Engineers at Slalom Build, based on our experience building enterprise-grade Terraform for customers. We decided to open source this accelerator to empower other engineers, encourage contributions and work more collaboratively with customers.
-
Stop re-inventing the wheel! Create a repository that can be used to quickly provision resources in AWS, Azure and GCP. The approach must be -
- scalable - scaling from one small group of resources in one region to many resources, in multiple accounts, in multiple regions should not be difficult or overly complex
- maintainable - the structure should be logical, code should be DRY and straightforward, no hacks
- extensible - the patterns used should enable others to a) easily extend existing code, and b) create their own implementations
- well-tested - no explanation required hopefully!
- not just our best practice - follow Terraform best practices as closely as possible. See naming conventions and code structure
- batteries included - pre-commit config, example workflows, terraform tooling, etc.
-
Standardize creation of the following basic resources (and more as the need is discovered), with the understanding that they will be further customized for every use case (reference):
Service type AWS Google Cloud Azure Virtual networking VPC Virtual Private Cloud Azure Virtual Network DNS Route 53 Cloud DNS Azure DNS Virtual machines EC2 Compute Engine Azure Virtual Machines Autoscaling AutoScaling Groups Compute Engine AutoScaler Azure Autoscale, Azure Virtual Machine Scale Sets Load balancing Application Load Balancing Cloud Load Balancing Azure Load Balancer Auditing CloudTrail Cloud Audit Logs Azure Audit Logs Monitoring CloudWatch Cloud Monitoring Azure Monitor Policy enforcement AWS Config Compute Resource Policy Azure Policy Parallel task execution SQS, SNS Cloud Tasks Azure Service Bus, Azure Storage Queues Terraform state storage S3 & DynamoDB Cloud Datastore Azure Storage -
Create integration tests for every module we create and use
-
Create a robust CI/CD pipeline for end-to-end deployment and testing of infrastructure code
-
Build a community of maintainers and contributors for as long as the accelerator remains useful
-
Manage vulnerabilities to improve the overall security posture of solutions based on the accelerator
This accelerator is best suited for:
- Managing multiple environments on a medium/large/enterprise scale
- Single-region, multi-region, or hybrid-cloud deployments
- Terraform automation and collaboration, to enable team autonomy and enable multiple teams to own infrastructure
- Green-field (landing zone) or brown-field development (bring your own accounts)
- Either
terraform
oropentofu
When you should pass on this accelerator:
- If you need to use Terraform Cloud as a back-end (atmos doesn't support it yet)
- If your terraform is very simple and likely won't grow in complexity
.
├── .github # GitHub workflows and repo config
├── .vscode # VSCode settings
├── components
│ └── terraform # Terraform components
│ ├── aws
│ ├── azure
│ └── gcp
├── config # Atmos configuration files
│ ├── aws
│ │ └── atmos.yaml
│ ├── azure
│ │ └── atmos.yaml
│ └── gcp
│ └── atmos.yaml
├── docs # Project documentation
├── examples # Example configs and stacks
│ ├── config
│ └── stacks
└── stacks # Atmos stack configurations
├── aws # AWS stack definitions
│ ├── automation
│ ├── catalog
│ ├── dev
│ ├── prod
│ └── staging
├── azure # Azure stack definitions
│ └── dev
└── gcp # GCP stack definitions
└── dev
Clone this repo and cd
into it.
git clone git@github.com:slalombuild/terraform-atmos-accelerator.git
cd terraform-atmos-accelerator
Using Homebrew, install terraform
, atmos
, trivy
and pre-commit
:
brew install terraform atmos trivy pre-commit
Install go the Azure verified module autofix tool
go install github.com/lonegunmanb/avmfix@latest
Test your setup
terraform version
atmos version
trivy --version
go version
go env
pre-commit -V
which avmfix
Set the atmos environment variables (and perhaps add to your ~/.zprofile
, so they persist)
export ATMOS_CLI_CONFIG_PATH="./config"
export ATMOS_BASE_PATH="./"
Install the pre-commit hook
pre-commit install
Open VSCode and accept the recommended extensions for this repository.
code .
If you receive an error running code
, open VSCode, then the Command Palette, type for PATH
, and click Shell Command: Install 'code' command in your PATH
. Re-run the command above.
Contributions are always welcome! Fork this repository, make your changes, submit a PR. Bosh.
See Setup your local environment for instructions how to configure your local environment, and the steps necessary to run the pre-commit hooks. Once setup, run pre-commit run
in the repository root before commiting your changes.
Raise an issue via Github. Or if you're part of the Slalom Build team, contact us internally via our #terraform-accelerator channel.
Copyright © 2023 Slalom LLC.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.